US6985438B1 - Method and apparatus for processing and forwarding data packets - Google Patents
Method and apparatus for processing and forwarding data packets Download PDFInfo
- Publication number
- US6985438B1 US6985438B1 US09/526,117 US52611700A US6985438B1 US 6985438 B1 US6985438 B1 US 6985438B1 US 52611700 A US52611700 A US 52611700A US 6985438 B1 US6985438 B1 US 6985438B1
- Authority
- US
- United States
- Prior art keywords
- route table
- token
- selector
- matched
- packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/56—Routing software
- H04L45/566—Routing instructions carried by the data packet, e.g. active networks
Definitions
- the present invention relates to a method for processing and forwarding data packets using at least one route table.
- the current standard architecture for a data packet router in a computer network comprises a packet classification module, a routing module and a packet scheduler module.
- a packet classification module assigns a class by the classification module and possibly also predefined processing is applied to it, such as checking the source address, changing or adding some header fields, decrementing the time-to-live (TTL) field, dropping it if the TTL value reaches 0 etc.
- TTL time-to-live
- the routing module uses the resulting class and packet header to evaluate the packet's further route. For this purpose it contains a forwarding information base which usually has the form of a route table and merely serves as “signpost” for the data packets to be transmitted.
- additional processing may apply to the packet, before the packet is put, as a third main step, in at least one packet queue that is controlled by the packet scheduler.
- Streamlined variants of the above process exist, where a packet is directly copied from the incoming network interface card that may have its own forwarding information base to an outgoing interface card.
- FIG. 1 This standard procedure, the so-called “fast data path” of a router, is illustrated in FIG. 1 .
- the route table i.e. the “signpost” for data packets
- the procedure itself is a static pipeline operating on incoming data packets.
- the set of instructions applied to a packet is rather limited and predetermined by the packet's type (class).
- Reconfiguration of a data router e.g. said updating of the route table, is achieved by special purpose “signaling” protocols. Data packets that belong to such a protocol are removed from the fast data path and are passed to external processing modules capable of handling the signaling protocol.
- the router hosts one or more execution entities EE i to EE n which are responsible for interpreting program instructions contained in “active packets”, namely data packets that themselves contain the program to be applied to them, or other signaling information.
- FIG. 3 the control flow for a single packet inside a traditional and possibly active router in this standard approach can be depicted as shown in FIG. 3 .
- a program store drives the Central Processing Unit (CPU) and the CPU reads from the route table for making routing decisions. Accessing the route table is necessary for almost every data packet that enters the system. Actual routers may have multiple CPUs, program and data stores.
- CPU Central Processing Unit
- this object is achieved by means of a method for processing and forwarding data packets comprising the steps of:
- an apparatus for the processing of data packets in the fast data path while it can be dynamically reprogrammed at the same time, namely an apparatus comprising the following items:
- At least one routing table is provided that comprises entries containing operation code or a program for the execution of an operation.
- the programmable packet processing method of the present invention replaces the routing module of classical packet routers and merges it with the execution entity modules as previously introduced.
- FIG. 4 shows, on the same level of abstraction as FIG. 3 , this merging and the resulting control path for data packets.
- the method and apparatus according to the invention make it possible that standard operating and routing of data packets and dynamic reprogramming of the router take place in the same fast data path. Thus, reprogramming as well as routing is faster and handled more uniformly than by the methods and devices known so far.
- an incoming data packet preferably contains itself the information on what operation is executed on it by having assigned a selector, i.e. an indexing datum to be matched with a route table input index field, that matches a route table index field that belongs to a certain operation to be executed on the packet. Therefore, any packet most naturally plays an active role instead of a passive role of the data packets in standard routing methods upon which pre-defined operations are executed.
- a selector may even refer to an operation that transfers another operation stored within the packet to the routing table and thus activates it. In this way, the concept of “active packets” is naturally embedded by the invention in the classical routing concept.
- a further advantage of the method according to the present invention is that it allows the routing module to particularly quickly access information about the processing to be applied to a packet and its path since all the required information is contained in one selector field which may be a predefined bit field in the header of the packet.
- Conventional routing includes a relatively time consuming search for relevant information within a packet header.
- a still further advantage of the present invention is that it is completely compatible to prior art routing and that the forwarding behavior of a classical routing module can be provided.
- the execution model according to the present invention is an alternate computing model to the “von Neumann” model and is a hybrid with elements of a data flow—as well as of a “von Neumann”-model approach.
- a structural similarity to a data flow machine is given by the fact that instructions are stored inside the route table while data items (i.e. selector+packet tokens) flow through these operations.
- the method according to the invention can also host a “von Neumann” style of program by having one selector+packet token represent one flow of control. Each control flow then picks one instruction after the other, it therefore operates on the token's data as well as on the route table itself.
- the method according to the invention easily and naturally enables parallel computing. It just has to be allowed for the possibility that different tokens are matched to different route table entries at the same time and the corresponding operations are executed simultaneously. Parallel computing is even better be taken advantage of if the matching of tokens with route table entries is carried out in a non-deterministic instead of in a deterministic way.
- the method according to the present invention allows to implement distributed processing on different processing entities in a rather straightforward manner.
- FIGS. 1–3 show various prior art routing systems
- FIG. 4 illustrates a control path for data packets in accordance with the invention.
- FIG. 5 shows a routing module in accordance with the invention.
- FIG. 5 schematically depicts a block diagram of this embodiment of the method according to the invention.
- the routing module to be described in the following is based on four elements:
- sel in is an in-selector value serving as input index field, c an operation code, sel out an out-selector value serving as output index field and i an additional state.
- i may contain information, such as an additional selector value, queuing information or other additional processing information, to be used depending on the status of the packet to be processed.
- This new routing module operates as follows:
- the prior art's routing module's role is to map data packets, based on classifications and/or packet header fields, to the packet queues of the packet scheduler module.
- This forwarding behavior of the prior art's routing module can also be provided by the above specified new routing module. To do that, the following steps have to be carried out:
- the routing module works as a data flow computing device.
- a structural similarity to a data flow machine is given by the fact that instructions are stored inside the route table while tokens “flow” through these operations.
- selectors resemble the tags of data flow machines that identify the state and position of a token.
- the matching and execution rules are different from classical data flow architectures (data-driven vs. demand-driven) as tokens can be discarded if there is no matching entry in the route table.
- selectors are explicitly handled by the programs themselves instead of being an internal aspect of data flow execution.
- the new routing module also enables the execution of arbitrary programs by the virtue of the repeated execution of instructions according to the steps 3 and 4. This can be done as follows:
- the set of instructions has to contain minimal support for branching as well as memory access, allowing to conditionally divert program flows and to implement procedure calls:
- the method according to the invention is used in the way described above, it essentially is a “von Neumann” computing device. As each control flow picks one instruction after the other, it operates on the token's data as well as on the route table itself. This operation mode will be discussed further below more concretely by way of examples 3 and 4.
- route table entries For some applications based on parallel computing it may be attractive not to predetermine the selection of route table entries that match a given token. In this case, the selection of these route table entries will be carried out by the machine instead of the programmer and will therefore be non-deterministic instead of deterministic. As a consequence, the processor or the processors can optimize its/their work-load and thus enable even faster processing.
- the programmable routing module outlined above enables a superset of classic router functionality as well as arbitrary programming to be implemented. It, however, is by no means the only embodiment of the invention and can be extended or modified in many respects.
- multistage route tables or a plurality of route tables can be provided.
- a selector of a token will then not only select the route table entry but also the route table of which the entry is part. In this way, a packet can jump between the different route tables, depending on its selector, the sel out values contained in the route table and/or other information. Therefore, operations contained in different route tables, and for instance one operation out of every route table, can be executed on a single packet in its path.
- the selector of a token could also be divided into k parts, each of which refers to an other route table.
- One route table entry can also contain more than one operation. In such a case, preferably all route table entries will have the same number of operations. Further, also additional fields or attributes such as fields for the priority, counters, access control lists, certificates, . . . may be provided for.
- Operation code or a program contained in a route table entry can also exhibit a reference to an externally installed subroutine or any other software and/or hardware based device serving as an extension of said operation code or program. Further, there may be route table entries that, depending on the selector values and possibly also on the packet data of incoming tokens, can implement changes to these extensions as well as to other modules such as a packet classifier, a control unit or a scheduler of a router.
- a route table is a table in the conceptual sense and does not have to be a table in the literal sense. Therefore, it can have a data structure that is different from a table structure and, for instance, have the structure of an array of records or a linked list of memory zones. It can also be in a compressed form and comprise auxiliary data structures, for instance hash tables, or other lookup mechanisms to access the route table entries.
- the tokens do not need to have a ⁇ sel,pkt> form.
- the selector information can also be contained explicitly or implicitly in the data packet and therefore has to be extracted or calculated from its contents.
- additional attributes such as suspended flag, processing queue, priority, credentials, access rights, certificates etc.
- additional attributes it can for instance be laid down that a packet is not allowed to make changes to the route table, that it is to be processed only after a certain condition is fulfilled, etc.
- FIG. 5 A variety of possible further embodiments of the invention concerns the data flow architecture.
- the present invention relates to an execution model ( FIG. 5 ) which is a hybrid with elements drawn from both, the “von Neumann” and from the data flow side.
- An apparatus namely a router, comprises the following elements:
- router table stored programs are given in order to make the invention concrete.
- the examples refer to the routing module comprising one route table having entries with four fields described above as embodiment of the invention.
- This packet format adheres to the convention that parameters for instructions and procedures are stored at the packet's head. Similarly, this convention will be extended for the subsequent examples and the packet's tail will be used for a stack of return addresses (selectors).
- the forwarding branch procedure example-one( ) is implemented by the following route table content:
- program execution starts with the first line of the table above. Note that the last line of the table above may or may not be present: The program will take care of correctly forwarding packets in both cases.
- the following route table implements the recursive procedure example-two( ).
- the token arrives selected for a selector value p, i.e. it initially has a sel value of p:
- This example shows a method to store a program inside a remote route table by sending appropriate data packets. This is useful for having “path finder packets” to configure a remote node by downloading a program that will treat a data stream's subsequent packets.
- route table entries An external representation of route table entries is required that is self-delimiting.
- the following instruction depends on such a format:
- the following route table program scans a data packet for route table entries and installs them.
- the data packet must consist of a sequence of route table entries re i , followed by a zero selector field:
- the selector DP is a well-known selector to be used for invoking the downloading program:
- This download program can be extended by user provided enhancements, allowing to “bootstrap” fancier download procedures. If for example a “confirmed download” service is required, one can use the program above to blindly download the modified download program which, instead of executing the halt( ) instruction, returns a confirmation packet.
- this example shows how to implement in-band programming where the program to be applied to a packet is carried inside the packet itself.
- Various names are used synonymously for such packets: capsules, messengers or active packets.
- the first modification relates to the packet format, where we presume that a second (start-) selector value follows the O-sel of the previous example:
- the second modification concerns the packet handler program:
- the forked token synchronizes with the main token when the later has finished installing the program. Synchronization is achieved via the queue that is identified by the id selector. Preferably, each active packet is assigned its own id value in order to avoid synchronization conflicts.
- the main token remains at the head of this queue and continues to do so during the install loop.
- the forked token inserts itself into the same queue, but will occupy the second position, thus block.
- the main token halts and thus quits the token queue, the forked token advances to the head position and starts executing the freshly installed program. At this point, the token's packet data is identical to the data that the original token had when it entered the new routing module.
- the init selector and the remaining packet payload are the two elements required to form a token: Classification of an incoming data packet is reduced to reading in the init-sel field.
- the network architecture that is induced by such a router model requires that packet classification is performed upstream, or ultimately at the edge of such a network.
- selectors can be turned into pointers to remote instructions: They allow to arbitrarily redirect the execution flow to one or more neighbor routers or route tables and to implement distributed algorithms. For redirection, one has to replace a route table entry by one or more FORW operations that send a packet to a remote node where processing will continue. The S out field of the table entry containing the FORW operation can then be used for specifying the selector for the remote target instruction.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The method and the apparatus for processing and forwarding data packets (pkt) in a computer network comprise at least one route table that contains entries each having an input index field (s-in), an operation code or a program (op) for the execution of an operation and an output selector field (s-out). The data packets (pkt) to be processed are each assigned a selector (sel) serving as indexing datum, the data packet (pkt) and the selector (sel) together constituting a token. The selector (sel) of a packet is matched with the input index field (s-in) of the entries of the at least one route table and the operation (op) contained in the matched route table entry or route table entries is/are executed on the matched token. This processing step can be repeated if the operation (op) results in one or more output token/tokens. Since according to the invention, programs to be executed on data packets (pkt) are stored in the route table, data packets (pkt) are directly processed in the fast data path, while at the same time the router can be dynamically reprogrammed.
Description
1. Field of the Invention
The present invention relates to a method for processing and forwarding data packets using at least one route table.
2. Description of the Prior Art
The current standard architecture for a data packet router in a computer network comprises a packet classification module, a routing module and a packet scheduler module. As a first step, an incoming data packet is assigned a class by the classification module and possibly also predefined processing is applied to it, such as checking the source address, changing or adding some header fields, decrementing the time-to-live (TTL) field, dropping it if the TTL value reaches 0 etc. As a second step, the routing module uses the resulting class and packet header to evaluate the packet's further route. For this purpose it contains a forwarding information base which usually has the form of a route table and merely serves as “signpost” for the data packets to be transmitted. Next, additional processing may apply to the packet, before the packet is put, as a third main step, in at least one packet queue that is controlled by the packet scheduler. Streamlined variants of the above process exist, where a packet is directly copied from the incoming network interface card that may have its own forwarding information base to an outgoing interface card.
This standard procedure, the so-called “fast data path” of a router, is illustrated in FIG. 1 . Whereas the route table, i.e. the “signpost” for data packets, can be dynamically updated, the procedure itself is a static pipeline operating on incoming data packets. The set of instructions applied to a packet is rather limited and predetermined by the packet's type (class). Reconfiguration of a data router, e.g. said updating of the route table, is achieved by special purpose “signaling” protocols. Data packets that belong to such a protocol are removed from the fast data path and are passed to external processing modules capable of handling the signaling protocol.
Active networks add programmability to a router while still adhering to the same architecture (see FIG. 2 ): The router hosts one or more execution entities EEi to EEn which are responsible for interpreting program instructions contained in “active packets”, namely data packets that themselves contain the program to be applied to them, or other signaling information.
At a high level of abstraction, the control flow for a single packet inside a traditional and possibly active router in this standard approach can be depicted as shown in FIG. 3 . A program store drives the Central Processing Unit (CPU) and the CPU reads from the route table for making routing decisions. Accessing the route table is necessary for almost every data packet that enters the system. Actual routers may have multiple CPUs, program and data stores.
If a whole classical routing system is regarded from the data flow architecture point of view, it represents an example of the data flow model: Data items are processed by stationary instructions. This is in contrast to the “von Neumann” computing model which is the dominant model for traditional computing. The “von Neumann” model is characterized by one or more control flows in motion that operate on data residing in explicitly addressed memory places.
It is the object of the present invention to provide a method that enables to process data packets in a computer network in the fast data path while simultaneously allowing to dynamically reprogram the router and to provide at the same time a new method for the execution of programs that makes parallel processing possible either in a data flow or in a “von Neumann” architecture.
According to the invention, this object is achieved by means of a method for processing and forwarding data packets comprising the steps of:
-
- providing at least one route table comprising entries containing an input index field and at least one operation code or a program for the execution of an operation,
- assigning a selector serving as indexing datum to each data packet, the data packet and its selector being parts of a token,
- matching of the selector of a packet matched with the input index field of the entries of said at least one route table,
- execution on the matched token of the at least one operation contained in the at least one matched route table entry.
According to an other aspect of the invention, an apparatus is provided for the processing of data packets in the fast data path while it can be dynamically reprogrammed at the same time, namely an apparatus comprising the following items:
-
- at least one route table comprising entries containing an input index field and at least one of operation code and of a program for the execution of an operation,
- means for assigning a selector serving as indexing datum to each data packet, the data packet and its selector being parts of a token,
- means for matching the selector of a packet with the input index field of the entries of said at least one route table,
- means for executing on the matched token the at least one operation contained in the at least one matched route table entry.
According to the invention, at least one routing table is provided that comprises entries containing operation code or a program for the execution of an operation. In this way, the programmable packet processing method of the present invention replaces the routing module of classical packet routers and merges it with the execution entity modules as previously introduced. FIG. 4 shows, on the same level of abstraction as FIG. 3 , this merging and the resulting control path for data packets. The method and apparatus according to the invention make it possible that standard operating and routing of data packets and dynamic reprogramming of the router take place in the same fast data path. Thus, reprogramming as well as routing is faster and handled more uniformly than by the methods and devices known so far.
Further, an incoming data packet preferably contains itself the information on what operation is executed on it by having assigned a selector, i.e. an indexing datum to be matched with a route table input index field, that matches a route table index field that belongs to a certain operation to be executed on the packet. Therefore, any packet most naturally plays an active role instead of a passive role of the data packets in standard routing methods upon which pre-defined operations are executed. A selector may even refer to an operation that transfers another operation stored within the packet to the routing table and thus activates it. In this way, the concept of “active packets” is naturally embedded by the invention in the classical routing concept.
A further advantage of the method according to the present invention is that it allows the routing module to particularly quickly access information about the processing to be applied to a packet and its path since all the required information is contained in one selector field which may be a predefined bit field in the header of the packet. Conventional routing includes a relatively time consuming search for relevant information within a packet header.
A still further advantage of the present invention is that it is completely compatible to prior art routing and that the forwarding behavior of a classical routing module can be provided.
The method according to the invention, in addition to being a method for routing of packets containing simple data, also enables the execution of arbitrary programs. From the data flow architecture point of view, the execution model according to the present invention is an alternate computing model to the “von Neumann” model and is a hybrid with elements of a data flow—as well as of a “von Neumann”-model approach. A structural similarity to a data flow machine is given by the fact that instructions are stored inside the route table while data items (i.e. selector+packet tokens) flow through these operations. However, the method according to the invention can also host a “von Neumann” style of program by having one selector+packet token represent one flow of control. Each control flow then picks one instruction after the other, it therefore operates on the token's data as well as on the route table itself.
The method according to the invention easily and naturally enables parallel computing. It just has to be allowed for the possibility that different tokens are matched to different route table entries at the same time and the corresponding operations are executed simultaneously. Parallel computing is even better be taken advantage of if the matching of tokens with route table entries is carried out in a non-deterministic instead of in a deterministic way.
Finally, the method according to the present invention allows to implement distributed processing on different processing entities in a rather straightforward manner.
The preferred embodiments of the invention are described with reference to the accompanying drawings in which:
In the following, a detailed description of an embodiment of the present invention, namely a routing module, is given with reference to FIG. 5 , which schematically depicts a block diagram of this embodiment of the method according to the invention.
The routing module to be described in the following is based on four elements:
- (a) A plurality of tokens of the form <sel,pkt>, where sel is a selector (or “tag”) serving as indexing datum and pkt is a data packet,
- (b) a multi-set (“token bag”) for storing tokens,
- (c) a route table consisting of entries, each containing the following fields:
selin | c | selout | i | ||
where selin is an in-selector value serving as input index field, c an operation code, selout an out-selector value serving as output index field and i an additional state. i may contain information, such as an additional selector value, queuing information or other additional processing information, to be used depending on the status of the packet to be processed.
- (d) a control unit (CU).
This new routing module operates as follows:
- 1. A <sel,pkt> token arrives from the packet classification module and is put into the multi-set.
- 2. The control unit picks and removes a token from the multi-set.
- 3. The token's selector value sel is used to locate all entries in the route table that have a matching selin field. Tokens for which no matching in-selector values can be found are discarded. Alternatively, they are processed by a default processing routine.
- 4. For each matching entry, the corresponding operation c is performed:
- If the operation is a FORW (forward) operation, the token's packet data is put into a queue of the subsequent packet scheduler module. Information about which queue to use is either stored in the entry's state field i, is computed from the packet's data, or is otherwise provided.
- If the operation is a HALT operation, the token is destroyed and no output token is generated.
- For any other operation, one or more new tokens are generated that contain the possibly modified packet data of the input token. The new tokens' sel values are either copied from the selout field of the route table entry, or otherwise computed.
- 5. New tokens, if any were generated, are put in the multi-set.
- 6. Processing continues with
step 1 or 2.
The prior art's routing module's role is to map data packets, based on classifications and/or packet header fields, to the packet queues of the packet scheduler module. This forwarding behavior of the prior art's routing module can also be provided by the above specified new routing module. To do that, the following steps have to be carried out:
Unicast Forwarding:
- (a) The packet classifier (c.f.
FIGS. 1 and 2 ) is configured such that it provides a selector for each data packet type. Unclassifiable packets are assigned a default selector. The packets are subsequently put in the multi-set (“token bag”) depicted inFIG. 5 . - (b) The routing table is configured such that each potential selector value has exactly one entry.
- (c) A special operation code c is defined and an associated procedure is implemented in the route table and an entry is defined whose selin value corresponds to the default selector. The procedure thus treats the packets that were classified in the default category and which therefore need special matching rules (e.g. longest prefix for IP addresses: Such an operation most likely makes use of the entry's additional state i). The said operation either outputs a new token whose selector value indexes another entry in the route table that contains the FORW operation and puts this token in the token bag, or it directly performs the FORW.
Multicast Forwarding:
The same approach as above is used, except that multiple entries exist in the route table which have the same selin value. Two cases are possible:
- (1) The classifier assigns such an ambiguous selector value. Steps 3 and 4 will automatically take care of multiplying the incoming data packet,
- (2) The classifier assigns an unambiguous selector. However, one or more of the subsequent operations c create a new token with a selector value for which multiple entries exist.
Applied in the above way for routing, the routing module works as a data flow computing device. A structural similarity to a data flow machine is given by the fact that instructions are stored inside the route table while tokens “flow” through these operations. Also, selectors resemble the tags of data flow machines that identify the state and position of a token. However, we note that the matching and execution rules are different from classical data flow architectures (data-driven vs. demand-driven) as tokens can be discarded if there is no matching entry in the route table. Also, selectors are explicitly handled by the programs themselves instead of being an internal aspect of data flow execution.
In addition to being a further development of a classical routing module, the new routing module also enables the execution of arbitrary programs by the virtue of the repeated execution of instructions according to the steps 3 and 4. This can be done as follows:
-
- Each thread of execution is mapped to one <sel,pkt> token.
- The program instructions are stored as operations in the route table.
- A token's selector value points to the next instruction to process. It plays the role of the “program counter” of other computing devices. Instructions which generate an output token are therefore required to choose the new selector value such that it points to the next instruction to be processed. This may be done by choosing the selector contained in the selout field of route table entries or by computing the new sel value.
- Execution of a program flow ends when a selector value is matched with a route table entry containing an operation that does not generate an output token or when the resulting token has no matching entry.
For executing programs for general purposes, the set of instructions has to contain minimal support for branching as well as memory access, allowing to conditionally divert program flows and to implement procedure calls:
-
- An instruction that is able to output tokens with different output selector values suffices to implement branching. The resulting selector value may depend on the token's packet data and/or any other state in the router, including the route table, the packet classifier and packet scheduler, and/or may even be assigned randomly.
- Instructions to add, read, change and remove complete entries in the route table provide memory access. It is interesting to notice that such instructions to add, read and remove entries from the route table turn the present invention's routing module into a Turing complete computing device.
- Together with instructions to store and retrieve selector values, e.g. inside a token's data packet, inside the route table, or in other places, the branching instructions enable procedure calls.
If the method according to the invention is used in the way described above, it essentially is a “von Neumann” computing device. As each control flow picks one instruction after the other, it operates on the token's data as well as on the route table itself. This operation mode will be discussed further below more concretely by way of examples 3 and 4.
Using the above described tools, the method according to the invention also most naturally leads to parallel computing. One has only to allow for the possibility that different tokens are matched with different route table entries simultaneously and to start with more than one token representing a program flow. For the case of the parallel execution of program flows, basic synchronization primitives must be provided:
-
- By switching off the eligibility of tokens to be picked by the CU, i.e. by temporarily removing tokens from the multi-set (“token bag”), execution flows can be suspended.
- Special instructions are provided to make suspended tokens re-eligible for execution, either explicitly (barriers, queues) and/or by environmental changes (e.g. a timeout or a condition to be fulfilled).
For some applications based on parallel computing it may be attractive not to predetermine the selection of route table entries that match a given token. In this case, the selection of these route table entries will be carried out by the machine instead of the programmer and will therefore be non-deterministic instead of deterministic. As a consequence, the processor or the processors can optimize its/their work-load and thus enable even faster processing.
By means of the above specified tools, the programmable routing module outlined above enables a superset of classic router functionality as well as arbitrary programming to be implemented. It, however, is by no means the only embodiment of the invention and can be extended or modified in many respects.
Instead of one route table as described above, multistage route tables or a plurality of route tables can be provided. In such a case it is for instance possible to map every execution entity (EEi) of a prior art routing module onto one route table and in this way to be able to make use of the wealth of tools developed for the prior art routers. A selector of a token will then not only select the route table entry but also the route table of which the entry is part. In this way, a packet can jump between the different route tables, depending on its selector, the selout values contained in the route table and/or other information. Therefore, operations contained in different route tables, and for instance one operation out of every route table, can be executed on a single packet in its path. Alternatively, if, for instance, k route tables are present, the selector of a token could also be divided into k parts, each of which refers to an other route table.
One route table entry can also contain more than one operation. In such a case, preferably all route table entries will have the same number of operations. Further, also additional fields or attributes such as fields for the priority, counters, access control lists, certificates, . . . may be provided for.
Operation code or a program contained in a route table entry can also exhibit a reference to an externally installed subroutine or any other software and/or hardware based device serving as an extension of said operation code or program. Further, there may be route table entries that, depending on the selector values and possibly also on the packet data of incoming tokens, can implement changes to these extensions as well as to other modules such as a packet classifier, a control unit or a scheduler of a router.
A route table is a table in the conceptual sense and does not have to be a table in the literal sense. Therefore, it can have a data structure that is different from a table structure and, for instance, have the structure of an array of records or a linked list of memory zones. It can also be in a compressed form and comprise auxiliary data structures, for instance hash tables, or other lookup mechanisms to access the route table entries.
The tokens do not need to have a <sel,pkt> form. The selector information can also be contained explicitly or implicitly in the data packet and therefore has to be extracted or calculated from its contents. For many system architectures it will also be advisable to give the tokens additional attributes, such as suspended flag, processing queue, priority, credentials, access rights, certificates etc. In such additional attributes it can for instance be laid down that a packet is not allowed to make changes to the route table, that it is to be processed only after a certain condition is fulfilled, etc.
A variety of possible further embodiments of the invention concerns the data flow architecture. As explained above, the present invention relates to an execution model (FIG. 5 ) which is a hybrid with elements drawn from both, the “von Neumann” and from the data flow side.
This hybrid approach is well in-line with the less strict view on data flow architectures that has emerged in recent years (multithreaded computers). However, in the present method for data packet processing and forwarding, tokens can flow in the network. Thus, data flow items are not confined anymore to one central processing unit but are transportable over the network. The selector concept, together with the “programmable route table” and the execution loop model of FIG. 5 , are the key enabler for this approach. The method according to the invention is therefore also highly suited to be implemented using multiple processing elements.
An apparatus according to the invention, namely a router, comprises the following elements:
-
- A device for receiving, processing and forwarding data, for instance a computer equipped with appropriate interfaces.
- An implementation of the method for data packet processing and forwarding according to the invention on said device, for instance a program stored on the computer or a microprocessor the architecture of which is such that it supports the data flow and control flow architecture of the method according to the invention particularly the data and control flow as schematically depicted in
FIG. 5 .
While previously the method and apparatus according to the invention were discussed in a rather abstract way, in the following a few examples for router table stored programs are given in order to make the invention concrete. The examples refer to the routing module comprising one route table having entries with four fields described above as embodiment of the invention.
Using a PASCAL like notation, we aim at implementing the following packet handling program with the new routing module:
-
- PROC example—one(s: selector);
- CONST t: selector;
- BEGIN
- IF exists a route table entry with in-selector s THEN drop front packet header;
- forward via selector s
- ELSE
- forward via selector t
- FI
- IF exists a route table entry with in-selector s THEN drop front packet header;
- END.
where the incoming packet has the following layout - (head) [sel s|payload](tail)
and is classified for selector p on entry (thus, initially the token has the form <p,[s|payload]>).
This packet format adheres to the convention that parameters for instructions and procedures are stored at the packet's head. Similarly, this convention will be extended for the subsequent examples and the packet's tail will be used for a stack of return addresses (selectors).
The following instructions are needed to implement the first example program:
-
- NOP token(s: selector)
- token( ) is a pseudo operation that changes a token's selector value to the new value s before the token is put back into the token bag.
- The token( ) pseudo operation can be realized by the stand-alone instruction NOP (no-operation) whose selout field has the value s:
selin | NOP | s | — | ||
-
- JCEX jump—on—existence(a, b, c: selector)
- A conditional jump is made i.e., the output token receives a new selector value depending on the content of the route table:
- IF exists a route table entry with in-selector a THEN
- token (b)
- ELSE
- token (c)
- FI
- IF exists a route table entry with in-selector a THEN
- By convention it is assumed that parameter a is stored as the first header field inside the token's packet data as described above, while b and c are stored in the route table entry of the JCEX instruction instance.
- JH jump—to—header( )
- The token's new selector value is taken from the token's packet header, and the packet length is trimmed accordingly:
- VAR s: selector;
- s :=pop front of packet header
- token (s);
Using these three instructions, the forwarding branch procedure example-one( ) is implemented by the following route table content:
selin | OP | selout | addtl. state |
p | JCEX | t1 | t2 | jmp to t1 if hdr field (s) is |
known, else jmp to t2 | ||||
t1 | JH | — | — | pop hdr field and jump |
there (s) | ||||
t2 | FORW | — | queue id | forward |
s | FORW | — | queue id | forward |
Packets arrive classified for selector p. Thus, program execution starts with the first line of the table above. Note that the last line of the table above may or may not be present: The program will take care of correctly forwarding packets in both cases.
In this example, a procedure will recursively be called that pops a header field until it encounters a header field with a specific value m. The program should thus work like the following
-
- PROC example—two( );
- CONST m: selector;
- VAR s: selector;
- BEGIN
- s :=pop packet header;
- IF NOT (s=m) THEN
- example—two ( )
- FI
- END.
where the incoming packet has the following layout: - [s1|s2| . . . |m|payload].
In order for the “return addresses” ri of procedure calls to be stored, they we will be appended to the data packet's tail:
-
- [ . . . |payload|r1| . . . |rn]
The following additional instructions are needed for this example program:
-
- JC jump—conditional (a, b: selector)
- Conditionally jumps to selector a, i.e. the output token has a as its selector value, if the packet's first header field is not the null selector. Otherwise, execution continues at selector b (the output token obtains the selector value b).
- JT jump—to—tail( )
- Pops the outermost tail field of the data packet which becomes the output token's new selector value. The data packet's length is reduced accordingly.
- POPH pop—header( )
- Removes (drops) the first header field of the data packet
- PUSHT push—tail(selector s)
- Extends the data packet by the selector value s.
- XOR xor(s: selector)
- Performs a bit-wise XOR operation on the packet's first header field with s.
The following route table implements the recursive procedure example-two( ). As in the previous example, the token arrives selected for a selector value p, i.e. it initially has a sel value of p:
selin | OP | selout | addtl. state |
p | PUSHT | t0 | t6 | save return addr t6, jmp to proc |
at t0 | ||||
t0 | XOR | t1 | m | start of proc: compare with m |
t1 | JC | t2 | t4 | jump to t4 if equal (i.e. first |
header field = 0) | ||||
t2 | POPH | t3 | — | drop first header field |
t3 | PUSHT | t0 | t5 | save return address t5, jmp to |
proc at t0 | ||||
t4 | POPH | t5 | — | drop first header field |
t5 | JT | — | — | return from proc call |
t6 | FORW | — | queue id | forward trimmed packet, end of |
example program | ||||
This example shows a method to store a program inside a remote route table by sending appropriate data packets. This is useful for having “path finder packets” to configure a remote node by downloading a program that will treat a data stream's subsequent packets.
An external representation of route table entries is required that is self-delimiting. The following instruction depends on such a format:
-
- ADDOP add—operation(r: route—table—entry)
- The route—table—entry (Sin,op,Sout and additional state) is popped from the packet's header and placed in the route table. The length of the data packet is accordingly decreased.
- HALT halt( )
- Discards the current token (i.e., ends the current program flow).
The following route table program scans a data packet for route table entries and installs them. For this, the data packet must consist of a sequence of route table entries rei, followed by a zero selector field:
-
- [re1| . . . | ren|0-sel|payload]
Furthermore, the following program, the “packet handler program”, is permanently stored inside the route table. The selector DP is a well-known selector to be used for invoking the downloading program:
selin | OP | selout | addtl. state |
DP | JC | t0 | t1 | start of download proc: 0-sel? |
t0 | ADDOP | DP | — | install new table entry, loop |
t1 | HALT | — | — | end of proc |
This download program can be extended by user provided enhancements, allowing to “bootstrap” fancier download procedures. If for example a “confirmed download” service is required, one can use the program above to blindly download the modified download program which, instead of executing the halt( ) instruction, returns a confirmation packet.
Instead of having a pre-stored program being applied to data packets, this example shows how to implement in-band programming where the program to be applied to a packet is carried inside the packet itself. Various names are used synonymously for such packets: capsules, messengers or active packets.
One approach consists in extending the stream programming example above in two ways. The first modification relates to the packet format, where we presume that a second (start-) selector value follows the O-sel of the previous example:
-
- [re1| . . . |ren|0-sel|start-sel|payload]
The second modification concerns the packet handler program:
selin | OP | selout | addtl. state |
AP | JC | t0 | t1 | active packet proc: 0-sel? |
t0 | ADDOP | AP | — | install new table entry, loop |
t1 | POPH | t2 | — | drop null selector |
t2 | JH | — | — | jump to start selector |
The disadvantage of this approach is that the in-band program is stripped from the packet, preventing self-routing packets to keep their code base as they travel in an active network. The second approach below fixes this problem by introducing the following concurrency related instructions:
-
- QIN queue—in(s: selector)
- The current token is “put into a token queue”, the queue is identified by the selector s at the packet's first header position, this header field is removed and the packet length is adjusted accordingly.
- Only the token which is at the head of the token queue is eligible for execution, other tokens in the queue have to wait until they advance to the head position. Tokens can be in at most one token queue at any time. Switching to another queue implicitly removes the token from its former queue it was in. Terminating a token (e.g. using the HALT operation) also frees the head position of the token's current queue.
- FORK fork(a, b: selector)
- This operation outputs two tokens. Both have the same packet data but different selector values (a or b). There is no parent/child relation between the forked tokens, although the token with the selector a inherits all input token attributes, e.g. position in a token queue, while the attributes of the other token are reset to some default value.
- DUPH dup—head(s: selector)
- Duplicates the selector s at the packet's head. This results in a larger data packet that starts with two identical header fields.
- DUPT dup—tail ( )
- Duplicates the selector at the packet's tail. This results in a larger data packet that ends with two identical tail fields.
Active packets need to have the internal format
-
- [id-sel|re1| . . . |ren|0-sel|payload|start-sel]
for being processed by the following extended active packet loader program:
- [id-sel|re1| . . . |ren|0-sel|payload|start-sel]
selin | OP | selout | addtl. state |
EAP | DUPH | t0 | — | extd active pkt loader: dup id sel |
t0 | QIN | t1 | put thread in the ‘id’ queue | |
t1 | FORK | t2 | u0 | fork |
t2 | JC | t3 | t4 | install the pkts program: 0-sel? |
t3 | ADDOP | t2 | — | add new route table entry, loop |
t4 | HALT | — | — | end (and quit the current queue) |
u0 | DUPH | u1 | — | the forked token, dup id selector |
u1 | QIN | u2 | — | put thread in the ‘id’ queue, block |
u2 | DUPT | u3 | — | dup start selector at the tail |
u3 | JT | — | — | jump to start selector |
Note that the forked token synchronizes with the main token when the later has finished installing the program. Synchronization is achieved via the queue that is identified by the id selector. Preferably, each active packet is assigned its own id value in order to avoid synchronization conflicts. Despite the fork( ) operation, the main token remains at the head of this queue and continues to do so during the install loop. The forked token inserts itself into the same queue, but will occupy the second position, thus block. When the main token halts and thus quits the token queue, the forked token advances to the head position and starts executing the freshly installed program. At this point, the token's packet data is identical to the data that the original token had when it entered the new routing module.
In this example it will be shown that the concept of instructions at the route table level that explicitly point to the next instruction can be seamlessly extended beyond the scope of a single router or route table to a net of processing entities. It suffices that a packet is transmitted together with its token selector value e.g. by choosing the following wire format that contains an initial selector field:
-
- [init-sel|pkt]
The init selector and the remaining packet payload are the two elements required to form a token: Classification of an incoming data packet is reduced to reading in the init-sel field. Of course, the network architecture that is induced by such a router model requires that packet classification is performed upstream, or ultimately at the edge of such a network.
With the wire format presented above, selectors can be turned into pointers to remote instructions: They allow to arbitrarily redirect the execution flow to one or more neighbor routers or route tables and to implement distributed algorithms. For redirection, one has to replace a route table entry by one or more FORW operations that send a packet to a remote node where processing will continue. The Sout field of the table entry containing the FORW operation can then be used for specifying the selector for the remote target instruction.
Claims (17)
1. A method for processing and forwarding data packets comprising the steps of:
providing at least one route table comprising entries, at least one of which contains an input index field, an output index field, and at least one operation code or a program for the execution of an operation,
assigning a selector serving as indexing datum to each data packet, the data packet and its selector being parts of a token,
matching of the selector of a packet matched with the input index field of the entries of said at least one route table,
executing on the matched token of the at least one operation contained in the at least one matched route table entry,
and maintaining at least one multi-set of tokens, that every matched token is removed from said at least one multi-set, that the packet of such a matched token depending on the semantics of the operation referenced by the matched route table entry, is forwarded or destroyed or at least one new token is generated and again added to one of said at least one multi-set, the selector of said at least one new token being copied from the output index field of the matched route table entry or being otherwise computed.
2. Apparatus for processing and forwarding data packets wherein the following items are provided:
at least one route table comprising entries, at least one of which contains an input index field, an output index field, and at least one operation code or a program for the execution of an operation,
means for assigning a selector serving as indexing datum to each data packet, the data packet and its selector being parts of a token,
means for matching the selector of a packet with the input index field of the entries of said at least one route table,
means for executing on the matched token the at least one operation contained in the at least one matched route table entry
and means for maintaining at least one multi-set of tokens, that every matched token is removed from said at least one multi-set, that the packet of such a matched token depending on the semantics of the operation referenced by the matched route table entry, is forwarded or destroyed or at least one new token is generated and again added to one of said at least one multi-set, the selector of said at least one new token being copied from the output index field of the matched route table entry or being otherwise computed.
3. The apparatus of claim 2 , comprising at least one microprocessor the architecture of which implements at least one of said items.
4. A method for processing and forwarding data packets comprising the steps of:
providing at least one route table comprising entries, at least one of which contains an input index field, an output index field, and at least one operation code for an action other than forwarding data packets or a program for the execution of a respective operation,
assigning a selector serving as indexing datum to each data packet, the data packet and its selector being parts of a token,
matching of the selector of a packet matched with the input index field of the entries of said at least one route table,
executing on the matched token of the at least one operation contained in the at least one matched rout table entry, maintaining at least one multi-set of tokes such that every matched token is removed from said at least one multi-set and that the packet of such a matched token, depending on the semantics of the operation referenced by the matched route table entry, is forwarded or destroyed or at least one new token is generated and again added to one of said at least one multi-sets, the selector of said at least one new token being copied from the output index field of the matched route table entry or being otherwise computed.
5. The method of claim 1 , wherein tokens can be temporarily removed from said at least one multi-set and reinserted later on.
6. The method of claim 1 , wherein a control unit is provided which selects the tokens from the multi-set to be matched with entries of the route table.
7. The method of claim 1 , wherein the route table comprises at least one entry containing one of an operation code or a program that can take care of at least one of entering parts of the contents of a data packet containing operation code into a route table entry and of removing or changing existing route table entries.
8. The method of claim 1 , wherein said at least one of an operation code or a program contained in at least one route table entry comprises a reference to an externally installed subroutine and and any other software or hardware based device serving as an extension.
9. The method of claim 8 , wherein the route table comprises at least one entry containing at least one of an operation code or a program that can take care of altering an extension or other modules based on information contained in a data packet.
10. The method of claim 7 , wherein at least one token containing an operation code is assigned a program flow and at least one of the operation code and its selector and other data stored in said at least one token is formed such that the program flow is executed based on information contained in the token and in the route table.
11. The method of claim 1 , wherein tokens for which no match with entries of the route table is possible, are deleted.
12. The method of claim 1 , wherein at least one default processing routine is provided and wherein tokens for which no match with an input index field of an entry of the at least one route table is possible are processed by one of said at least one default processing routines.
13. The method of claim 1 , wherein the at least one route table is implemented as an array or set of records having the structure of regular or consecutive memory zones, linked lists of memory zones, trees of memory zones or combinations thereof.
14. The method of claim 1 , wherein one or more auxiliary hash tables or indirection pointers are provided to access the entries of said at least one route table.
15. The method of claims claim 1 , wherein at least one route table entry contains more than one operation.
16. The method of claims claim 1 , wherein the selection of route table entries that match a given token is non-deterministic.
17. The method of claims claim 1 , wherein a token's indexing datum is one of being embedded in and of being deductible from the token's data packet.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/146,589 US20050220102A1 (en) | 1999-09-20 | 2005-06-07 | Method and apparatus for processing and forwarding data packets |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP99810833.6A EP1085711B1 (en) | 1999-09-20 | 1999-09-20 | Method and apparatus for processing and forwarding data packets |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/146,589 Continuation US20050220102A1 (en) | 1999-09-20 | 2005-06-07 | Method and apparatus for processing and forwarding data packets |
Publications (1)
Publication Number | Publication Date |
---|---|
US6985438B1 true US6985438B1 (en) | 2006-01-10 |
Family
ID=8243029
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/526,117 Expired - Fee Related US6985438B1 (en) | 1999-09-20 | 2000-03-15 | Method and apparatus for processing and forwarding data packets |
US11/146,589 Abandoned US20050220102A1 (en) | 1999-09-20 | 2005-06-07 | Method and apparatus for processing and forwarding data packets |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/146,589 Abandoned US20050220102A1 (en) | 1999-09-20 | 2005-06-07 | Method and apparatus for processing and forwarding data packets |
Country Status (2)
Country | Link |
---|---|
US (2) | US6985438B1 (en) |
EP (1) | EP1085711B1 (en) |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030223361A1 (en) * | 2002-06-04 | 2003-12-04 | Zahid Hussain | System and method for hierarchical metering in a virtual router based network switch |
US20050025151A1 (en) * | 2003-02-11 | 2005-02-03 | Alcatel | Early-processing request for an active router |
US20050220102A1 (en) * | 1999-09-20 | 2005-10-06 | Christian Tschudin | Method and apparatus for processing and forwarding data packets |
US20050232150A1 (en) * | 2003-06-03 | 2005-10-20 | Kazuto Nishimura | Flow control method and apparatus thereof |
US20060101159A1 (en) * | 2004-10-25 | 2006-05-11 | Alcatel | Internal load balancing in a data switch using distributed network processing |
US7177311B1 (en) | 2002-06-04 | 2007-02-13 | Fortinet, Inc. | System and method for routing traffic through a virtual router-based network switch |
US20070058648A1 (en) * | 2001-06-28 | 2007-03-15 | Fortinet, Inc. | Identifying nodes in a ring network |
US20070073733A1 (en) * | 2000-09-13 | 2007-03-29 | Fortinet, Inc. | Synchronized backup of an object manager global database as part of a control blade redundancy service |
US7203192B2 (en) | 2002-06-04 | 2007-04-10 | Fortinet, Inc. | Network packet steering |
US7266120B2 (en) | 2002-11-18 | 2007-09-04 | Fortinet, Inc. | System and method for hardware accelerated packet multicast in a virtual routing system |
US7278055B2 (en) | 2002-08-29 | 2007-10-02 | Fortinet, Inc. | System and method for virtual router failover in a network routing system |
US7340535B1 (en) | 2002-06-04 | 2008-03-04 | Fortinet, Inc. | System and method for controlling routing in a virtual router system |
US7376125B1 (en) * | 2002-06-04 | 2008-05-20 | Fortinet, Inc. | Service processing switch |
US20090225754A1 (en) * | 2004-09-24 | 2009-09-10 | Fortinet, Inc. | Scalable ip-services enabled multicast forwarding with efficient resource utilization |
US20100094980A1 (en) * | 2000-09-13 | 2010-04-15 | Fortinet, Inc. | Managing and provisioning virtual routers |
US7843813B2 (en) | 2004-11-18 | 2010-11-30 | Fortinet, Inc. | Managing hierarchically organized subscriber profiles |
US7912936B2 (en) | 2000-09-13 | 2011-03-22 | Nara Rajagopalan | Managing interworking communications protocols |
US20110219086A1 (en) * | 2006-03-01 | 2011-09-08 | Fortinet, Inc. | Electronic message and data tracking system |
US8040888B1 (en) | 2007-12-17 | 2011-10-18 | Integrated Device Technology, Inc. | Packet switch with port route tables |
US8250357B2 (en) | 2000-09-13 | 2012-08-21 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US8260918B2 (en) | 2000-09-13 | 2012-09-04 | Fortinet, Inc. | Packet routing system and method |
US8503463B2 (en) | 2003-08-27 | 2013-08-06 | Fortinet, Inc. | Heterogeneous media packet bridging |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1248416A1 (en) * | 2001-04-04 | 2002-10-09 | Alcatel | System, and packet signal, and network-unit and method |
US10205666B2 (en) * | 2013-07-29 | 2019-02-12 | Ampere Computing Llc | End-to-end flow control in system on chip interconnects |
US10027601B2 (en) * | 2015-06-03 | 2018-07-17 | Mellanox Technologies, Ltd. | Flow-based packet modification |
CN109587084A (en) * | 2015-12-30 | 2019-04-05 | 华为技术有限公司 | A kind of message storage forwarding method and circuit and equipment |
US9998225B2 (en) * | 2016-08-06 | 2018-06-12 | OE Solutions Co., Ltd. | Protected ethernet ring with small form-factor pluggable devices |
CN111543034B (en) * | 2017-09-29 | 2021-12-10 | 华为技术有限公司 | Self-describing packet headers for parallel processing |
US10972397B2 (en) | 2017-09-29 | 2021-04-06 | Futurewei Technologies, Inc. | Self-driving packets with conditional commands |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4679189A (en) | 1985-11-27 | 1987-07-07 | American Telephone And Telegraph Company | Alternate routing arrangement |
US6034958A (en) * | 1997-07-11 | 2000-03-07 | Telefonaktiebolaget Lm Ericsson | VP/VC lookup function |
US6069895A (en) * | 1997-08-29 | 2000-05-30 | Nortel Networks Corporation | Distributed route server |
US6157641A (en) * | 1997-08-22 | 2000-12-05 | Cisco Technology, Inc. | Multiprotocol packet recognition and switching |
US6434144B1 (en) * | 1998-07-06 | 2002-08-13 | Aleksey Romanov | Multi-level table lookup |
US6526055B1 (en) * | 1998-10-20 | 2003-02-25 | Sun Microsystems, Inc. | Method and apparatus for longest prefix address lookup |
US6570876B1 (en) * | 1998-04-01 | 2003-05-27 | Hitachi, Ltd. | Packet switch and switching method for switching variable length packets |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1085711B1 (en) * | 1999-09-20 | 2013-06-05 | Christian Prof. Dr. Tschudin | Method and apparatus for processing and forwarding data packets |
-
1999
- 1999-09-20 EP EP99810833.6A patent/EP1085711B1/en not_active Expired - Lifetime
-
2000
- 2000-03-15 US US09/526,117 patent/US6985438B1/en not_active Expired - Fee Related
-
2005
- 2005-06-07 US US11/146,589 patent/US20050220102A1/en not_active Abandoned
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4679189A (en) | 1985-11-27 | 1987-07-07 | American Telephone And Telegraph Company | Alternate routing arrangement |
US6034958A (en) * | 1997-07-11 | 2000-03-07 | Telefonaktiebolaget Lm Ericsson | VP/VC lookup function |
US6157641A (en) * | 1997-08-22 | 2000-12-05 | Cisco Technology, Inc. | Multiprotocol packet recognition and switching |
US6567404B1 (en) * | 1997-08-22 | 2003-05-20 | Cisco Technologies, Inc. | Multiprotocol packet recognition and switching |
US6069895A (en) * | 1997-08-29 | 2000-05-30 | Nortel Networks Corporation | Distributed route server |
US6570876B1 (en) * | 1998-04-01 | 2003-05-27 | Hitachi, Ltd. | Packet switch and switching method for switching variable length packets |
US6434144B1 (en) * | 1998-07-06 | 2002-08-13 | Aleksey Romanov | Multi-level table lookup |
US6526055B1 (en) * | 1998-10-20 | 2003-02-25 | Sun Microsystems, Inc. | Method and apparatus for longest prefix address lookup |
Non-Patent Citations (5)
Title |
---|
Banches et al., "Multicasting Multimedia Streams with Active Networks", IEEE, 1998. * |
European Search Report. |
Report "Multicasting Streams with Active Networks", 23<SUP>rd </SUP>Annual Conference on Local Computer Networks, LCN-98, Oct. 11-14, 1998, p.p. 150-159. |
Smith et al., "Activating Neetworks: A Progress Report", IEEE, 1999. * |
Smith J.M. et al., "Active Networks: Progress Report" Computer, U.S., IEEE Computer Society, No. 4, Apr. 4, 1999, p.p. 32-41. |
Cited By (78)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050220102A1 (en) * | 1999-09-20 | 2005-10-06 | Christian Tschudin | Method and apparatus for processing and forwarding data packets |
US8250357B2 (en) | 2000-09-13 | 2012-08-21 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US8260918B2 (en) | 2000-09-13 | 2012-09-04 | Fortinet, Inc. | Packet routing system and method |
US9160716B2 (en) | 2000-09-13 | 2015-10-13 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US9258280B1 (en) | 2000-09-13 | 2016-02-09 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US8320279B2 (en) | 2000-09-13 | 2012-11-27 | Fortinet, Inc. | Managing and provisioning virtual routers |
US8255510B2 (en) | 2000-09-13 | 2012-08-28 | Fortinet, Inc. | Switch management system and method |
US9391964B2 (en) | 2000-09-13 | 2016-07-12 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US7885207B2 (en) | 2000-09-13 | 2011-02-08 | Fortinet, Inc. | Managing and provisioning virtual routers |
US8069233B2 (en) | 2000-09-13 | 2011-11-29 | Fortinet, Inc. | Switch management system and method |
US20110128891A1 (en) * | 2000-09-13 | 2011-06-02 | Fortinet, Inc. | Managing and provisioning virtual routers |
US20070073733A1 (en) * | 2000-09-13 | 2007-03-29 | Fortinet, Inc. | Synchronized backup of an object manager global database as part of a control blade redundancy service |
US9124555B2 (en) | 2000-09-13 | 2015-09-01 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US7912936B2 (en) | 2000-09-13 | 2011-03-22 | Nara Rajagopalan | Managing interworking communications protocols |
US9667604B2 (en) | 2000-09-13 | 2017-05-30 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US9853948B2 (en) | 2000-09-13 | 2017-12-26 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US7539744B2 (en) | 2000-09-13 | 2009-05-26 | Fortinet, Inc. | Network operating system for maintaining redundant master control blade management information |
US20100094980A1 (en) * | 2000-09-13 | 2010-04-15 | Fortinet, Inc. | Managing and provisioning virtual routers |
US9602303B2 (en) | 2001-06-28 | 2017-03-21 | Fortinet, Inc. | Identifying nodes in a ring network |
US7890663B2 (en) | 2001-06-28 | 2011-02-15 | Fortinet, Inc. | Identifying nodes in a ring network |
US20070058648A1 (en) * | 2001-06-28 | 2007-03-15 | Fortinet, Inc. | Identifying nodes in a ring network |
US8208409B2 (en) | 2001-06-28 | 2012-06-26 | Fortinet, Inc. | Identifying nodes in a ring network |
US7580373B2 (en) | 2001-06-28 | 2009-08-25 | Fortinet, Inc. | Identifying nodes in a ring network |
US9143351B2 (en) | 2001-06-28 | 2015-09-22 | Fortinet, Inc. | Identifying nodes in a ring network |
US9998337B2 (en) | 2001-06-28 | 2018-06-12 | Fortinet, Inc. | Identifying nodes in a ring network |
US20100189016A1 (en) * | 2001-06-28 | 2010-07-29 | Fortinet, Inc. | Identifying nodes in a ring network |
US7522604B2 (en) | 2002-06-04 | 2009-04-21 | Fortinet, Inc. | Routing traffic through a virtual router-based network switch |
US7668087B2 (en) | 2002-06-04 | 2010-02-23 | Fortinet, Inc. | Hierarchical metering in a virtual router-based network switch |
US8068503B2 (en) | 2002-06-04 | 2011-11-29 | Fortinet, Inc. | Network packet steering via configurable association of processing resources and netmods or line interface ports |
US20030223361A1 (en) * | 2002-06-04 | 2003-12-04 | Zahid Hussain | System and method for hierarchical metering in a virtual router based network switch |
US20090073977A1 (en) * | 2002-06-04 | 2009-03-19 | Fortinet, Inc. | Routing traffic through a virtual router-based network switch |
US7376125B1 (en) * | 2002-06-04 | 2008-05-20 | Fortinet, Inc. | Service processing switch |
US7340535B1 (en) | 2002-06-04 | 2008-03-04 | Fortinet, Inc. | System and method for controlling routing in a virtual router system |
US9019833B2 (en) | 2002-06-04 | 2015-04-28 | Fortinet, Inc. | Service processing switch |
US7203192B2 (en) | 2002-06-04 | 2007-04-10 | Fortinet, Inc. | Network packet steering |
US20100220732A1 (en) * | 2002-06-04 | 2010-09-02 | Fortinet, Inc. | Service processing switch |
US8848718B2 (en) | 2002-06-04 | 2014-09-30 | Google Inc. | Hierarchical metering in a virtual router-based network switch |
US8638802B2 (en) | 2002-06-04 | 2014-01-28 | Cisco Technology, Inc. | Network packet steering via configurable association of packet processing resources and network interfaces |
US8542595B2 (en) | 2002-06-04 | 2013-09-24 | Fortinet, Inc. | Service processing switch |
US7161904B2 (en) | 2002-06-04 | 2007-01-09 | Fortinet, Inc. | System and method for hierarchical metering in a virtual router based network switch |
US7720053B2 (en) | 2002-06-04 | 2010-05-18 | Fortinet, Inc. | Service processing switch |
US8306040B2 (en) | 2002-06-04 | 2012-11-06 | Fortinet, Inc. | Network packet steering via configurable association of processing resources and network interfaces |
US8111690B2 (en) | 2002-06-04 | 2012-02-07 | Google Inc. | Routing traffic through a virtual router-based network switch |
US9967200B2 (en) | 2002-06-04 | 2018-05-08 | Fortinet, Inc. | Service processing switch |
US8064462B2 (en) | 2002-06-04 | 2011-11-22 | Fortinet, Inc. | Service processing switch |
US9215178B2 (en) | 2002-06-04 | 2015-12-15 | Cisco Technology, Inc. | Network packet steering via configurable association of packet processing resources and network interfaces |
US7177311B1 (en) | 2002-06-04 | 2007-02-13 | Fortinet, Inc. | System and method for routing traffic through a virtual router-based network switch |
US8819486B2 (en) | 2002-08-29 | 2014-08-26 | Google Inc. | Fault tolerant routing in a non-hot-standby configuration of a network routing system |
US7278055B2 (en) | 2002-08-29 | 2007-10-02 | Fortinet, Inc. | System and method for virtual router failover in a network routing system |
US7761743B2 (en) | 2002-08-29 | 2010-07-20 | Fortinet, Inc. | Fault tolerant routing in a non-hot-standby configuration of a network routing system |
US20110185221A1 (en) * | 2002-08-29 | 2011-07-28 | Fortinet, Inc. | Fault tolerant routing in a non-hot-standby configuration of a network routing system |
US8412982B2 (en) | 2002-08-29 | 2013-04-02 | Google Inc. | Fault tolerant routing in a non-hot-standby configuration of a network routing system |
US10200275B2 (en) | 2002-11-18 | 2019-02-05 | Fortinet, Inc. | Hardware-accelerated packet multicasting |
US9407449B2 (en) | 2002-11-18 | 2016-08-02 | Fortinet, Inc. | Hardware-accelerated packet multicasting |
US8644311B2 (en) | 2002-11-18 | 2014-02-04 | Fortinet, Inc. | Hardware-accelerated packet multicasting in a virtual routing system |
US7266120B2 (en) | 2002-11-18 | 2007-09-04 | Fortinet, Inc. | System and method for hardware accelerated packet multicast in a virtual routing system |
US20050025151A1 (en) * | 2003-02-11 | 2005-02-03 | Alcatel | Early-processing request for an active router |
US7633862B2 (en) * | 2003-06-03 | 2009-12-15 | Fujitsu Limited | Flow control method and apparatus thereof |
US20050232150A1 (en) * | 2003-06-03 | 2005-10-20 | Kazuto Nishimura | Flow control method and apparatus thereof |
US9509638B2 (en) | 2003-08-27 | 2016-11-29 | Fortinet, Inc. | Heterogeneous media packet bridging |
US8503463B2 (en) | 2003-08-27 | 2013-08-06 | Fortinet, Inc. | Heterogeneous media packet bridging |
US9853917B2 (en) | 2003-08-27 | 2017-12-26 | Fortinet, Inc. | Heterogeneous media packet bridging |
US20090225754A1 (en) * | 2004-09-24 | 2009-09-10 | Fortinet, Inc. | Scalable ip-services enabled multicast forwarding with efficient resource utilization |
US9166805B1 (en) | 2004-09-24 | 2015-10-20 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US9167016B2 (en) | 2004-09-24 | 2015-10-20 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US8369258B2 (en) | 2004-09-24 | 2013-02-05 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US9319303B2 (en) | 2004-09-24 | 2016-04-19 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US8213347B2 (en) | 2004-09-24 | 2012-07-03 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US10038567B2 (en) | 2004-09-24 | 2018-07-31 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US7881244B2 (en) | 2004-09-24 | 2011-02-01 | Fortinet, Inc. | Scalable IP-services enabled multicast forwarding with efficient resource utilization |
US20060101159A1 (en) * | 2004-10-25 | 2006-05-11 | Alcatel | Internal load balancing in a data switch using distributed network processing |
US7639674B2 (en) * | 2004-10-25 | 2009-12-29 | Alcatel Lucent | Internal load balancing in a data switch using distributed network processing |
US7876683B2 (en) | 2004-11-18 | 2011-01-25 | Fortinet, Inc. | Managing hierarchically organized subscriber profiles |
US7869361B2 (en) | 2004-11-18 | 2011-01-11 | Fortinet, Inc. | Managing hierarchically organized subscriber profiles |
US7843813B2 (en) | 2004-11-18 | 2010-11-30 | Fortinet, Inc. | Managing hierarchically organized subscriber profiles |
US7961615B2 (en) | 2004-11-18 | 2011-06-14 | Fortinet, Inc. | Managing hierarchically organized subscriber profiles |
US20110219086A1 (en) * | 2006-03-01 | 2011-09-08 | Fortinet, Inc. | Electronic message and data tracking system |
US8040888B1 (en) | 2007-12-17 | 2011-10-18 | Integrated Device Technology, Inc. | Packet switch with port route tables |
Also Published As
Publication number | Publication date |
---|---|
US20050220102A1 (en) | 2005-10-06 |
EP1085711B1 (en) | 2013-06-05 |
EP1085711A1 (en) | 2001-03-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6985438B1 (en) | Method and apparatus for processing and forwarding data packets | |
US5509006A (en) | Apparatus and method for switching packets using tree memory | |
US10764200B2 (en) | Openflow match and action pipeline structure | |
US7307986B2 (en) | State record processing | |
US10009273B2 (en) | Apparatus and method of generating lookups and making decisions for packet modifying and forwarding in a software-defined network engine | |
US7917727B2 (en) | Data processing architectures for packet handling using a SIMD array | |
US10516626B1 (en) | Generating configuration data and API for programming a forwarding element | |
US6804815B1 (en) | Sequence control mechanism for enabling out of order context processing | |
US6631466B1 (en) | Parallel string pattern searches in respective ones of array of nanocomputers | |
US8555374B2 (en) | High performance packet processing using a general purpose processor | |
CN103368853A (en) | SIMD processing of network packets | |
US9083641B2 (en) | Method and apparatus for improving packet processing performance using multiple contexts | |
CN110035006A (en) | The individual networks equipment of Forwarding plane resetting | |
US7937495B2 (en) | System and method for modifying data transferred from a source to a destination | |
US11743181B2 (en) | High-level definition language for configuring internal forwarding paths of network devices | |
US9817594B2 (en) | System and method for broadcasting data to multiple hardware forwarding engines | |
US10754666B1 (en) | Hardware micro-services platform | |
Carlstrom et al. | Synchronous dataflow architecture for network processors | |
EP1631906B1 (en) | Maintaining entity order with gate managers | |
US20060129718A1 (en) | Method and apparatus for pipelined processing of data packets | |
Muthulakshmi et al. | ESP: a flexible, high-performance, PLD-based network service | |
US20040083337A1 (en) | Content addressable memory with automated learning | |
US6654372B1 (en) | Algorithm to bypass L4 processing in an internet protocol forwarding processor | |
US6700883B1 (en) | Algorithm to bypass L4 processing in an internet protocol forwarding processor | |
Liljeqvist | Visions and facts–a survey of network processors |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.) |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.) |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20180110 |